<?php

class StringHelper {

    /**
     * Encode the text into a string which all white spaces will be replaced by $rplChar
     * @param string $text	text to be encoded
     * @param Char $rplChar character to replace all the white spaces
     * @param boolean upWords	set True to uppercase the first character of each word, set False otherwise
     */
    public static function encode($text, $rplChar = '-', $upWords = true) {
        $encodedText = null;
        if ($upWords) {
            $encodedText = ucwords($text);
        } else {
            $encodedText = strtolower($text);
        }

        if ($rplChar == '') {
            $encodedText = preg_replace('/\s[\s]+/', '', $encodedText);    // Strip off multiple spaces
            $encodedText = preg_replace('/[\s\W]+/', '', $encodedText);    // Strip off spaces and non-alpha-numeric
        } else {
            $encodedText = preg_replace('/\s[\s]+/', $rplChar, $encodedText);    // Strip off multiple spaces
            $encodedText = preg_replace('/[\s\W]+/', $rplChar, $encodedText);    // Strip off spaces and non-alpha-numeric
            $encodedText = preg_replace('/^[\\' . $rplChar . ']+/', '', $encodedText); // Strip off the starting $rplChar
            $encodedText = preg_replace('/[\\' . $rplChar . ']+$/', '', $encodedText); // // Strip off the ending $rplChar
        }
        return $encodedText;
    }

    /**
     * Query Filter String from Litpi.com
     */
    public static function queryFilterString($str) {
        //Use RegEx for complex pattern
        $filterPattern = array(
            '/select.*(from|if|into)/i', // select table query,
            '/0x[0-9a-f]*/i', // hexa character
            '/\(.*\)/', // call a sql function
            '/union.*select/i', // UNION query
            '/insert.*values/i', // INSERT query
            '/order.*by/i'    // ORDER BY injection
        );
        $str = preg_replace($filterPattern, '', $str);

        //Use normal replace for simple replacement
        $filterHaystack = array(
            '--', // query comment
            '||', // OR operator
            '\*', // OR operator
        );

        $str = str_replace($filterHaystack, '', $str);
        return $str;
    }

    //XSS Clean Data Input from Litpi.com
    public static function xss_clean($data) {
        return $data;
        // Fix &entity\n;
        $data = str_replace(array('&amp;', '&lt;', '&gt;'), array('&amp;amp;', '&amp;lt;', '&amp;gt;'), $data);
        $data = preg_replace('/(&#*\w+)[\x00-\x20]+;/u', '$1;', $data);
        $data = preg_replace('/(&#x*[0-9A-F]+);*/iu', '$1;', $data);
        $data = html_entity_decode($data, ENT_COMPAT, 'UTF-8');

        // Remove any attribute starting with "on" or xmlns
        $data = preg_replace('#(<[^>]+?[\x00-\x20"\'])(?:on|xmlns)[^>]*+>#iu', '$1>', $data);

        // Remove javascript: and vbscript: protocols
        $data = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([`\'"]*)[\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iu', '$1=$2nojavascript...', $data);
        $data = preg_replace('#([a-z]*)[\x00-\x20]*=([\'"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iu', '$1=$2novbscript...', $data);
        $data = preg_replace('#([a-z]*)[\x00-\x20]*=([\'"]*)[\x00-\x20]*-moz-binding[\x00-\x20]*:#u', '$1=$2nomozbinding...', $data);

        // Only works in IE: <span style="width: expression(alert('Ping!'));"></span>
        $data = preg_replace('#(<[^>]+?)style[\x00-\x20]*=[\x00-\x20]*[`\'"]*.*?expression[\x00-\x20]*\([^>]*+>#i', '$1>', $data);
        $data = preg_replace('#(<[^>]+?)style[\x00-\x20]*=[\x00-\x20]*[`\'"]*.*?behaviour[\x00-\x20]*\([^>]*+>#i', '$1>', $data);
        $data = preg_replace('#(<[^>]+?)style[\x00-\x20]*=[\x00-\x20]*[`\'"]*.*?s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*+>#iu', '$1>', $data);

        // Remove namespaced elements (we do not need them)
        $data = preg_replace('#</*\w+:\w[^>]*+>#i', '', $data);

        do {
            // Remove really unwanted tags
            $old_data = $data;
            $data = preg_replace('#</*(?:applet|b(?:ase|gsound|link)|frame(?:set)?|i(?:frame|layer)|l(?:ayer|ink)|meta|s(?:cript|tyle)|title|xml)[^>]*+>#i', '', $data);
        } while ($old_data !== $data);

        // we are done...
        return $data;
    }

    /**
     * check string input is url? http, https, ftp...
     * @param string $url
     * @return boolean
     */
    public static function isValidUrl($url){
        if(filter_var($url, FILTER_VALIDATE_URL))
                return true;

        return false;
    }
    
    /**
     * truncate a string after n words
     * @param string $text
     * @param int $limit limit word
     * @return string
     */
    public static function truncate($text, $limit){
        $text = strip_tags($text);
        if (str_word_count($text, 0) > $limit) {
            $words = str_word_count($text, 2);
            $pos = array_keys($words);
            $text = substr($text, 0, $pos[$limit]) . '...';
        }
        return $text;
    }
}